AzureCLI integration (hitachienergy#427)
* - Added login to Azure-CLI and selection of subscription. - Added creation of service principal. - Added creation of the resource group. * - Added possibility to run without service principal * - Changed text outputs * - Fixed typo.
Showing
12 changed files
with
1,400 additions
and
50 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,19 +1,45 @@ | ||
import os | ||
from cli.engine.TerraformCommand import TerraformCommand | ||
from cli.engine.azure.AzureCommand import AzureCommand | ||
from cli.helpers.Step import Step | ||
from cli.helpers.build_saver import get_terraform_path | ||
from cli.helpers.build_saver import get_terraform_path, save_sp, SP_FILE_NAME | ||
from cli.helpers.data_loader import load_yaml_file | ||
|
||
|
||
class TerraformRunner(Step): | ||
|
||
def __init__(self, cluster_name): | ||
def __init__(self, cluster_model): | ||
super().__init__(__name__) | ||
self.terraform = TerraformCommand(get_terraform_path(cluster_name)) | ||
self.cluster_model = cluster_model | ||
self.terraform = TerraformCommand(get_terraform_path(self.cluster_model.specification.name)) | ||
self.azure_cli = AzureCommand() | ||
|
||
def __enter__(self): | ||
super().__enter__() | ||
return self | ||
|
||
def run(self): | ||
self.terraform.init() | ||
self.terraform.apply(auto_approve=True) | ||
new_env = os.environ.copy() | ||
self.terraform.init(env=new_env) | ||
|
||
#if the provider is Azure we need to login and setup service principle. | ||
if self.cluster_model.provider == 'azure': | ||
subscription = self.azure_cli.login(self.cluster_model.specification.cloud.subscription_name) | ||
|
||
if self.cluster_model.specification.cloud.use_service_principal: | ||
sp_file = os.path.join(get_terraform_path(self.cluster_model.specification.name), SP_FILE_NAME) | ||
if not os.path.exists(sp_file): | ||
self.logger.info('Creating service principle') | ||
sp = self.azure_cli.create_sp(self.cluster_model.specification.cloud.resource_group_name, subscription['id']) | ||
save_sp(sp, self.cluster_model.specification.name) | ||
else: | ||
self.logger.info('Using service principle from file') | ||
sp = load_yaml_file(sp_file) | ||
|
||
#Setup environment variables for Terraform when working with Azure. | ||
new_env['ARM_SUBSCRIPTION_ID'] = subscription['id'] | ||
new_env['ARM_TENANT_ID'] = sp['tenant'] | ||
new_env['ARM_CLIENT_ID'] = sp['appId'] | ||
new_env['ARM_CLIENT_SECRET'] = sp['password'] | ||
|
||
self.terraform.apply(auto_approve=True, env=new_env) |
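Review bot: The service principal returned by `create_sp` carries its client secret (`sp['password']` is read into `ARM_CLIENT_SECRET` further down), and `save_sp(sp, ...)` persists it under the Terraform build directory so that later runs reload it with `load_yaml_file(sp_file)`. `save_sp` is not visible in this section, so confirm that it writes the file with owner-only permissions (for example `os.chmod(sp_file, 0o600)` right after writing) and that the build directory is excluded from version control and from any log output. The rendered page has also lost indentation: if the four `ARM_*` assignments sit outside the `use_service_principal` branch, `sp` is unbound whenever that option is false, so they should stay inside the branch.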
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -7,5 +7,4 @@ def __enter__(self): | |
return self | ||
|
||
def __exit__(self, exc_type, exc_value, traceback): | ||
pass | ||
|
||
pass |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,49 @@ | ||
import json | ||
import re | ||
import time | ||
from subprocess import Popen, PIPE | ||
from cli.helpers.Log import LogPipe, Log | ||
from cli.helpers.doc_list_helpers import select_first | ||
|
||
|
||
class AzureCommand: | ||
def __init__(self): | ||
self.logger = Log(__name__) | ||
|
||
def login(self, subscription_name): | ||
all_subscription = self.run(self, 'az login') | ||
subscription = select_first(all_subscription, lambda x: x['name'] == subscription_name) | ||
if subscription is None: | ||
raise Exception(f'User does not have access to subscription: "{subscription_name}"') | ||
self.run(self, f'az account set --subscription {subscription["id"]}') | ||
return subscription | ||
|
||
def create_sp(self, app_name, subscription_id): | ||
#TODO: make role configurable? | ||
sp = self.run(self, f'az ad sp create-for-rbac -n "{app_name}" --role="Contributor" --scopes="/subscriptions/{subscription_id}"') | ||
# Sleep for a while. Sometimes the call returns before the rights of the SP are finished creating. | ||
for x in range(0, 20): | ||
self.logger.info(f'Waiting 20 seconds...{x}') | ||
time.sleep(1) | ||
return sp | ||
|
||
@staticmethod | ||
def run(self, cmd): | ||
self.logger.info('Running: "' + cmd + '"') | ||
|
||
logpipe = LogPipe(__name__) | ||
with Popen(cmd, stdout=PIPE, stderr=logpipe, shell=True) as sp: | ||
logpipe.close() | ||
try: | ||
data = sp.stdout.read().decode('utf-8') | ||
data = re.sub(r'\s+', '', data) | ||
data = re.sub(r'(\x9B|\x1B\[)[0-?]*[ -\/]*[@-~]', '', data) | ||
output = json.loads(data) | ||
except: | ||
output = {} | ||
|
||
if sp.returncode != 0: | ||
raise Exception(f'Error running: "{cmd}"') | ||
else: | ||
self.logger.info(f'Done running "{cmd}"') | ||
return output |
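Review bot: `run` hands an interpolated string to `Popen(..., shell=True)`, and `create_sp` builds that string from `app_name`, which `TerraformRunner` fills from `specification.cloud.resource_group_name` in the cluster configuration, so any shell metacharacters in that value are interpreted by the shell rather than passed to `az` as data. Pass an argument list without `shell=True` instead, as sketched below; `login` needs the same change for its two `az` calls, and on Windows the `az` launcher may have to be resolved explicitly (to be confirmed). Separately, `re.sub(r'\s+', '', data)` also removes whitespace inside JSON string values, so a subscription whose name contains spaces can never equal `subscription_name`, and the bare `except:` turns every parse failure into `{}`; parsing the unmodified output and catching `json.JSONDecodeError` would address both.

```python
    def create_sp(self, app_name, subscription_id):
        # Argument list, no shell: app_name comes from the cluster configuration.
        sp = self.run(self, ['az', 'ad', 'sp', 'create-for-rbac',
                             '-n', app_name,
                             '--role', 'Contributor',
                             '--scopes', f'/subscriptions/{subscription_id}'])
        # … unchanged: wait loop and return sp …

    @staticmethod
    def run(self, cmd):
        self.logger.info('Running: "' + ' '.join(cmd) + '"')
        # … unchanged: LogPipe setup …
        with Popen(cmd, stdout=PIPE, stderr=logpipe) as sp:
            # … unchanged: read stdout, parse JSON, return-code check …
```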
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,10 +1,13 @@ | ||
from cli.helpers.Step import Step | ||
|
||
|
||
class ConfigBuilder(Step): | ||
def __init__(self): | ||
class InfrastructureBuilder(Step): | ||
def __init__(self, docs): | ||
super().__init__(__name__) | ||
self.docs = docs | ||
|
||
def run(self): | ||
raise NotImplementedError() | ||
infrastructure = [] | ||
|
||
return infrastructure | ||
|
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1,19 @@ | ||
# TODO: Fill template | ||
##################################################### | ||
# DO NOT Modify by hand - Manage by Automation | ||
##################################################### | ||
##################################################### | ||
# This file can be used as a base template to build other Terraform files. It attempts to use as much | ||
# Terraform interprolation as possible by creating Terraform variables instead of changing inline | ||
# this approach provides an easier way to do creative looping, fetch IDs of created resources etc. | ||
##################################################### | ||
##################################################### | ||
# {{ specification.name }} | ||
##################################################### | ||
|
||
provider "azurerm" { | ||
} | ||
|
||
resource "azurerm_resource_group" "rg" { | ||
name = "{{ specification.cloud.resource_group_name }}" | ||
location = "{{ specification.cloud.region }}" | ||
} |
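Review bot: The `provider "azurerm" {}` block pins no provider version, so `terraform init` will fetch whichever release is current and the same template can behave differently between machines or over time. Add a version constraint, either in the provider block or through a `required_providers` entry depending on the Terraform version the project targets, for example `version = "<PINNED_VERSION>"`. The two `{{ ... }}` values are also rendered straight into quoted HCL strings, so the generator should reject or escape a `"` in `resource_group_name` and `region` before rendering. The header comment spells "interpolation" as "interprolation".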